Home » HP Manuals » Hubs & Switches » HP 4x1Ex32 » Manual Viewer

HP 4x1Ex32 HP IP Console Viewer User Guide - Page 42

Configuring authentication parameters, Parameter, Function, Virtual Media., Lock to KVM Session

Add to My Manuals
Save this manual to your list of manuals

Page 42 highlights

Parameter Encryption level Function This control can be used to specify the encryption method to use for all Virtual Media sessions. This information is used when new client connections are requested. At that point, the console switch will attempt to negotiate for the highest enabled encryption mechanism level. This setting is disabled by default. To configure these settings: 1. Select Virtual Media. 2. Enable or disable the checkboxes in the Session Control area. o If you clear the Lock to KVM Session option, your Virtual Media sessions can remain after the Video Session Viewer that launches the session closes. o If you select Allow Reserved Sessions, only the owner of the Virtual Media session can establish a KVM session to a reserved Virtual Media session. o If you select Read-Only Access, write access to Virtual Media sessions is prevented. 3. Select zero or more levels of encryption to encode Virtual Media data sent to the console switch in the Encryption Level area. The highest level enabled will be used. 4. Click Apply to save any changes without exiting. -orClick OK to save any changes and exit. -orClick Cancel to exit without saving any changes. Configuring authentication parameters The Authentication subcategory enables you to select the type of authentication method to be used. IMPORTANT: Before implementing LDAP functionality, see "HP IP Console Switch directory services integration setup tutorial (on page 276)" for a better understanding of how LDAP works. The three types of authentication are: • Local Authentication (with local access control) Provides secure managed switch based authentication, data transfers, and user name and password storage. With two levels of access control, Console Switch Administrator and User, you can set target server-specific access rights and inter-operate with existing firewalls, VPNs, and NAT-based networks. This is the default setting and has the same functionality as in the previous software release. • LDAP Authentication Only (with local ACL) Provides a secure managed directory-based authentication for passwords and user names and a local switch-based authorization for ACLs. ACLs are maintained and stored in each individual console switch. Passwords are only in the directory server. For more information on LDAP, see "Using directory services integration (on page 200)." • LDAP Authentication and Access Control Managing KVM console switches 42

Section	Page
HP IP Console Viewer User Guide	1
Notice	2
Contents	3
Product overview	8
HP IP Console Viewer overview	8
System components	8
Main window	8
Video Session Viewer	8
Serial Session Viewer	9
Manage Console Switch windows	9
OBWI	9
Features and benefits	9
Directory services integration (LDAP)	10
Supported operating systems	10
Browser requirements	10
Supported directory services	11
System hardware requirements	11
Installation	12
Setting up the HP IP Console Switch	12
Synchronizing mouse pointers	12
Windows operating systems	12
Linux operating systems	12
Establishing LAN connections	13
Windows XP SP1 or newer	13
Installing the HP IP Console Viewer	14
Launching the HP IP Console Viewer	15
Configuring the HP IP Console Viewer	15
Navigating the HP IP Console Viewer	18
HP IP Console Viewer components overview	18
Viewing the main window	18
Main window features	19
Auto searching for a server in the list view	20
Searching for a server in the local database	20
Adding and discovering console switches	21
Adding console switches	21
Adding a console switch without an assigned IP address	21
Adding a console switch with an assigned IP address	25
Discovering one or more console switches with the Discover Wizard	28
Managing multiple connections	31
Server naming	33
Server name displays	33
Sorting displays	34
Managing cached credentials	34
Clearing login credentials	34
Accessing console switches	35
Accessing console switches overview	35
Managing KVM console switches	36
Manage Console Switch window overview for KVM console switches	36
Viewing and configuring parameters through the Settings tab	36
Configuring global parameters	36
Configuring network parameters	37
Configuring session parameters	39
Configuring Virtual Media parameters	41
Configuring authentication parameters	42
Configuring user accounts	43
Adding or modifying a user	45
Setting user access rights	47
Deleting a user	48
Locking and unlocking user accounts	48
Unlocking an account	49
Enabling or disabling a security lock-out	50
Specifying a security lock-out duration	51
Override Admin	51
Viewing interface adapter parameters	52
Setting interface adapter language parameters	52
Configuring SNMP parameters	53
Configuring general SNMP parameters	54
Adding, modifying, and deleting allowable managers	55
Adding, modifying, and deleting trap destinations	55
Configuring a cascade switch connection	56
Configuring trap parameters	56
Viewing server parameters	57
Modifying server names	58
Resynchronizing the server listing for console switches	59
Configuring cascade switch parameters	62
Viewing version parameters	63
Viewing hardware version parameters	64
Viewing interface adapter version parameters	65
Enabling automatic interface adapter firmware upgrades	65
Manually loading and upgrading the interface adapter firmware	65
Resetting an interface adapter	66
Viewing licensed options	67
Viewing the Status tab	68
Disconnecting user session	68
Using the Tools tab	69
Rebooting the console switch	69
Upgrading console switch firmware	70
Upgrading interface adapter firmware simultaneously	71
Managing console switch configuration files	72
Saving a console switch configuration database	72
Restoring a console switch configuration database	73
Managing console switch user databases	73
Saving a console switch user database	73
Restoring a console switch user database	74
Managing remote servers through the Video Session Viewer	75
About the Video Session Viewer	75
Video Session Viewer window	76
Using a smart card through Video Session Viewer	77
Accessing the Video Session Viewer	77
Selecting an action	78
Closing the Video Session Viewer	78
Video session types	78
Using exclusive mode (HP IP Console Switches with Virtual Media only)	79
Using digital share mode (HP IP Console Switches with Virtual Media only)	80
Using preemption mode (HP IP Console Switches with Virtual Media only)	81
Using stealth mode (HP IP Console Switches with Virtual Media only)	82
Connection sharing (HP IP Console Switches with Virtual Media only)	83
Expanding and refreshing the Video Session Viewer	83
Adjusting the local cursors	83
Refreshing the screen	84
Expanding to full screen mode	84
Adjusting the Video Session Viewer	84
Adjusting the Video Session Viewer size	84
Adjusting the video quality	84
Configuring session options	85
Configuring keyboard pass-through	86
Selecting function buttons for the Video Session Toolbar	86
Aligning the cursors	86
Mouse tuning	86
Windows operating systems	86
Linux operating systems	86
Viewing multiple servers using Scan mode	87
Scanning your servers	87
Accessing Scan mode	87
Setting scan preferences	88
Navigating the thumbnail view	88
Changing the thumbnail sizes	89
Adding an individual server to the scan sequence	89
Launching a server video session from a thumbnail view	89
Pausing or restarting a scan sequence	89
Setting server credentials	89
Using macros for KVM console switches	90
Sending a macro	90
Using Virtual Media (HP IP Console Switches with Virtual Media only)	90
Virtual Media requirements	91
Virtual Media resources	91
USB 2.0 composite device limitations	91
Virtual Media sharing and preemption considerations	92
Virtual Media window	92
Virtual Media session settings	93
Opening a Virtual Media session	93
Mapping to Virtual Media drives	94
Mapping to a physical drive as a Virtual Media drive	94
Unmapping a Virtual Media drive	95
Adding and mapping to an .iso or floppy image as Virtual Media drive	95
Displaying Virtual Media drive details	96
Resetting all USB devices on the server	96
Closing a Virtual Media session	97
Managing serial console switches	98
Manage Console Switch window overview for serial console switches	98
Viewing and configuring the Settings tab for serial console switches	98
Configuring global parameters for serial console switches	98
Configuring network parameters for serial console switches	99
Configuring CLI parameters for serial console switches	101
Configuring authentication parameters for serial console switches	103
Configuring session parameters for serial console switches	105
Specifying a history buffer control	106
Specifying a session time-out setting	107
Enabling or disabling plaintext sessions	107
Viewing and configuring SSH parameters for serial console switches	107
Changing the SSH authentication mode	108
Disabling SSH	109
Viewing key information	109
Configuring NTP parameters for serial console switches	109
Configuring NFS parameters for serial console switches	110
Configuring user accounts for serial console switches	112
Adding or modifying a user for serial console switches	113
Setting user access rights for serial console switches	117
Configuring the public SSH key for serial console switches	117
Deleting a user for serial console switches	120
Locking and unlocking user accounts for serial console switches	120
Unlocking an account for serial console switches	121
Enabling or disabling a security lock-out	122
Specifying a security lock-out duration	123
Override Admin subcategory for serial console switches	123
Configuring port parameters for serial console switches	124
Modifying port parameters for serial console switches	124
Configuring alert parameters for serial console switches	126
Viewing NFS parameters for serial console switches	129
Viewing statistics parameters for serial console switches	129
Configuring SNMP parameters for serial console switches	131
Configuring general SNMP parameters for serial console switches	132
Adding, modifying, and deleting allowable managers for serial console switches	133
Adding, modifying, and deleting trap destinations for serial console switches	134
Configuring trap parameters for serial console switches	134
Viewing server parameters for serial console switches	135
Modifying server names for serial console switches	136
Resynchronizing the server listing for serial console switches	137
Viewing version parameters for serial console switches	142
Viewing the Status tab for serial console switches	143
Using the Tools tab for serial console switches	144
Rebooting the serial console switch	144
Upgrading serial console switch firmware	145
Managing serial console switch configuration files	146
Saving a serial console switch configuration database	146
Restoring a serial console switch configuration database	147
Managing serial console switch user databases	148
Saving a serial console switch user database	148
Restoring a serial console switch user database	148
Managing remote servers through the Serial Session Viewer	150
About the Serial Session Viewer	150
Serial Session Viewer window	150
About options	151
Accessing the Serial Session Viewer	152
Choosing an encryption method	152
Selecting an action	153
Closing the Serial Session Viewer	154
Customizing preferences	154
Customizing session properties	155
Terminal session properties	155
Customizing terminal session properties	156
Login scripts session properties	158
Logging session properties	159
Using login scripts	159
Changing a default login script	160
Enabling or disabling automatic login	162
Enabling or disabling debug mode for login scripts	163
Using logging	164
Enable or disabling automatic logging	165
Changing the default log file directory	166
Starting dynamic logging	166
Pausing logging	167
Resuming logging	167
Stopping logging	167
Moving session data	167
Copying a session data	167
Pasting system clipboard contents	168
Printing a session screen	168
Using macros for serial console switches	168
Grouping macros for serial console switches	170
Organizing the system	173
Customizing console switch and server properties	173
General tab	173
Telnet tab	176
Serial console switch Telnet tab	176
Server Telnet tab	177
Viewing and changing telnet options	177
Network tab	179
iLO tab	181
Information tab	181
Connections properties	183
VNC tab	184
Viewing and changing VNC options	185
RDP tab	187
Viewing and changing RDP options	188
Http/Https Ports tab	191
Customizing options	191
Creating custom field labels	191
Setting up custom field labels	192
Creating new sites, departments, or locations	193
Creating new folders	193
Modifying the selected view on startup	194
Changing the default browser	194
Using Direct Draw	194
Assigning units to sites, departments, locations, or folders	195
Deleting and renaming a unit	195
Deleting a unit, site, department, location, or folder	196
Renaming a unit, site, department, location, or folder	196
Managing local databases	196
Saving local databases	196
Exporting local databases	197
Loading local databases	198
Using directory services integration	200
Using LDAP	200
LDAP Authentication Only mode	200
LDAP Authentication and Access Control mode	201
LDAP Authentication and Access Control Query types	201
Query modes	201
LDAP Authentication and Access Control Basic Mode	202
LDAP Authentication and Access Control User Attribute Mode	203
LDAP Authentication and Access Control Group Attribute Mode	204
Enabling directory services integration	204
Entering the default LDAP license key	206
Configuring LDAP parameters	207
Server Parameters tab	208
Search Parameters tab	208
Query Parameters tab	209
Console switch and server query modes	211
Setting up the Active Directory for performing group attribute mode queries	216
Using the on-board Web interface (OBWI)	218
Setting up the OBWI	218
Upgrading the console switch firmware for OBWI compatibility	218
Upgrading interface adapter firmware for OBWI compatibility	219
Migrating console switches to the OBWI	220
Synchronizing the local and console switch databases	221
Launching the OBWI	222
Installing the certificate	225
Downgrading console switch firmware	227
Managing console switches	227
Connections	227
Status	228
Configure	228
Tools	232
User accounts	233
Adding or modifying a user	233
Changing a user password	234
Deleting a user	234
Locking and unlocking user accounts	234
Disconnecting a user	235
SNMP	235
Configuring SNMP parameters	235
Enabling SNMP traps	236
Resynchronizing server connections	237
Modifying a server name	237
Configuring tiered switches	238
Interface adapters	238
Versions	239
Upgrading firmware using the OBWI	242
Upgrading console switch firmware	242
Upgrading interface adapter firmware in batch mode	245
Upgrading interface adapters individually	245
Rebooting a console switch	246
Managing console switch configuration files	246
Saving console switch configuration files	247
Restoring a configuration file to a console switch	250
Managing user databases	252
Saving a user database	252
Restoring a user database	255
Setting virtual media options	257
Troubleshooting	259
Troubleshooting chart	259
Certificate errors	261
Microsoft Internet Explorer 6	262
Microsoft Internet Explorer 7	265
Mozilla Firefox	269
Upgrading the firmware	271
Using the file system to upgrade firmware	271
Using TFTP for firmware upgrades	272
TFTP for Linux operating systems	272
Verifying TFTP for Linux operating systems	272
Upgrading the firmware using TFTP on Linux operating systems	273
HP IP Console Switch directory services integration setup tutorial	276
HP IP Console Switch directory service setup	276
Hardware configuration used for this example	276
Settings used for this example	277
Authentication and group-level access controls	277
Authentication only	289
LDAP client behavior overview	291
UID masks (simple and complex)	291
Active Directory attributes that can be used as credentials	291
Attributes initialized during creation of a new user object	291
Additional attributes available in user properties	296
Additional attributes available through the ADSI Editor	297
UID mask for single factor credentials	298
UID mask for multiple factor credentials	306
Serial Session Viewer terminal emulation modes	308
Terminal emulation modes overview	308
VT terminal emulation	308
VT102 terminal emulation	308
VT100 terminal emulation	309
VT100 ANSI set and reset mode cursor keys	310
VT100 PF1 through PF4 key definitions	310
VT100 ANSI mode control sequences	310
VT220 terminal emulation	313
VT220 decoding	314
VT52 terminal emulation	316
VT52 decoding	316
VT320 terminal emulation	317
VT320 decoding	318
Keyboard and mouse shortcuts	320
Divider pane keyboard and mouse shortcuts	320
Group view control keyboard and mouse shortcuts	320
List view keyboard and mouse operations	321
Acronyms and abbreviations	322
Glossary	327

Match case Limit results 1 per page

Managing KVM console switches

Parameter

Function

Encryption level

This control can be used to specify the encryption method to use for all Virtual

Media sessions. This information is used when new client connections are

requested. At that point, the console switch will attempt to negotiate for the highest

enabled encryption mechanism level. This setting is disabled by default.

To configure these settings:

Select

Virtual Media.

Enable or disable the checkboxes in the Session Control area.

If you clear the

Lock to KVM Session

option, your Virtual Media sessions can remain after the

Video Session Viewer that launches the session closes.

If you select

Allow Reserved Sessions,

only the owner of the Virtual Media session can establish a

KVM session to a reserved Virtual Media session.

If you select

Read-Only Access,

write access to Virtual Media sessions is prevented.

Select zero or more levels of encryption to encode Virtual Media data sent to the console switch in

the Encryption Level area. The highest level enabled will be used.

Click

Apply

to save any changes without exiting.

-or-

Click

to save any changes and exit.

-or-

Click

Cancel

to exit without saving any changes.

Configuring authentication parameters

The Authentication subcategory enables you to select the type of authentication method to be used.

IMPORTANT:

Before implementing LDAP functionality, see "HP IP Console Switch directory

services integration setup tutorial (on page

276

)" for a better understanding of how LDAP

works.

The three types of authentication are:

•

Local Authentication (with local access control)

Provides secure managed switch based authentication, data transfers, and user name and password

storage. With two levels of access control, Console Switch Administrator and User, you can set

target server-specific access rights and inter-operate with existing firewalls, VPNs, and NAT-based

networks. This is the default setting and has the same functionality as in the previous software

release.

•

LDAP Authentication Only (with local ACL)

Provides a secure managed directory-based authentication for passwords and user names and a

local switch-based authorization for ACLs. ACLs are maintained and stored in each individual

console switch. Passwords are only in the directory server. For more information on LDAP, see

"Using directory services integration (on page

200

)."

•

LDAP Authentication and Access Control